Seeing undeliverable mails due to IP blocks? Here’s how your web hosting business can keep out of spam blacklists
At one time or another, every shared web hosting company has had to deal with email blacklisting issues. Hacked web sites, stolen/leaked account login details, or improperly configured mail servers allow hackers to send out thousands of spam, raising red flags in IP reputation monitors across the internet.
Bobcares help desk support services has helped web hosts prevent getting listed in spam blacklists through adopting industry best practices. In this post, a brief rundown is given on the top effective solutions to prevent IP blacklisting.
Hire Bobcares Server Administrators
Get super reliable servers and delighted customers
1. Hardening the web server to prevent spam scripts upload through hacked web applications
In popular web hosting control panels such as cPanel, Plesk, DirectAdmin, Interworx, etc the web server is Apache. One effective solution we have seen is to implement a security module that will prevent website hacking, as well as block any malware uploads. This will deny spammers a chance to use spamming scripts.
2. Preventing malware upload through compromised FTP and Control Panel login details
Web masters lose their account passwords through infected PCs, and these passwords are used by hackers to upload spamming scripts through FTP or Control Panel. We have been able to block spam script uploads by implementing upload scanners that work in tandem with anti-virus software. There are both free and paid software available for this.
3. Weeding out spam through mail queue scanner or mail gateway
More than 99% of spam can be weeded out through an anti-spam program running as a mail queue scanner or a dedicated mail gateway. While this solution is a bit expensive in terms of resource usage and software licenses, with proper configuration, we have been able to bring spamming to a virtual stand still.
4. Rate limiting email accounts to prevent spam flooding
Mail rate limiting is a popular solution we have found effective for shared web hosts with a limited budget. We first determine the average rate of outbound mail for each account from the email logs. Based on this a server default policy is enforced to limit the per hour mail rate. The 2% or less mail accounts that needs a higher mail rate is excluded on a case by case basis.
5. Server monitoring and hardening to prevent open relay
We recommend shared hosts to do periodic server audits and setup a monitoring system to send alerts. This allows users to make sure that the email server is not an open relay, and ensure that any anomalous mail spike is immediately investigated and fixed.
Spam blacklisting issues are common for shared web hosts, and the solution approach can vary from one web host to another. We would be glad to talk to you on what solution would be best for your business.
About the author
Visakh S is a senior software engineer at Bobcares. He has extensive experience in managing technical support teams of web hosting companies and data centers. He is passionate about systems engineering, and loves to get his hands dirty on systems automation.